Viktor Dukhovni
|
449d864515
Multiple verifier reference identities.
|
10 years ago |
Viktor Dukhovni
|
3fc0b1edad
X509_check_mumble() failure is <= 0, not just 0
|
10 years ago |
Viktor Dukhovni
|
d93edc0aab
Drop hostlen from X509_VERIFY_PARAM_ID.
|
10 years ago |
Viktor Dukhovni
|
a2219f6be3
Fixes to host checking.
|
10 years ago |
Dr. Stephen Henson
|
bdfc0e284c
For self signed root only indicate one error.
|
10 years ago |
Dr. Stephen Henson
|
b07e4f2f46
Include TA in checks/callback with partial chains.
|
10 years ago |
Dr. Stephen Henson
|
ced6dc5cef
Add cert_self_signed function to simplify verify
|
10 years ago |
Dr. Stephen Henson
|
bf2d129194
Simplify X509_STORE_CTX_get1_chain (from master).
|
10 years ago |
Dr. Stephen Henson
|
50701af9d5
Fix bug in X509_V_FLAG_IGNORE_CRITICAL CRL handling.
|
10 years ago |
Dr. Stephen Henson
|
adc6bd73e3
Add opaque ID structure.
|
10 years ago |
Dr. Stephen Henson
|
53a8f8c26d
Fix for partial chain notification.
|
10 years ago |
Dr. Stephen Henson
|
5117d50b7e
Partial path fix.
|
11 years ago |
Dr. Stephen Henson
|
71c34b7f2d
Fix verify loop with CRL checking.
|
11 years ago |
Dr. Stephen Henson
|
6a10f38daa
initial support for delta CRL generations by diffing two full CRLs
|
12 years ago |
Ben Laurie
|
72dfff2d5e
Fix warning.
|
11 years ago |
Dr. Stephen Henson
|
ba8bdea771
add suite B chain validation flags and associated verify errors
|
11 years ago |
Dr. Stephen Henson
|
2b5e5c3d08
Revert incompatible OCSP_basic_verify changes.
|
11 years ago |
Dr. Stephen Henson
|
70cd3c6b95
Integrate host, email and IP address checks into X509_verify.
|
11 years ago |
Dr. Stephen Henson
|
9a1f59cd31
New verify flag to return success if we have any certificate in the trusted
|
11 years ago |
Ben Laurie
|
d65b8b2162
Backport OCSP fixes.
|
11 years ago |
Dr. Stephen Henson
|
e04ccbc5cc
Fix two bugs which affect delta CRL handling:
|
12 years ago |
Dr. Stephen Henson
|
9d2006d8ed
add -trusted_first option and verify flag (backport from HEAD)
|
12 years ago |
Dr. Stephen Henson
|
e8f31f80d1
PR: 2606
|
13 years ago |
Dr. Stephen Henson
|
cd447875e6
Initialise X509_STORE_CTX properly so CRLs with nextUpdate date in the past
|
13 years ago |
Ben Laurie
|
78ef9b0205
Fix warnings.
|
13 years ago |
Dr. Stephen Henson
|
4444ff7632
Submitted by: Jonathan Dixon <joth@chromium.org>
|
14 years ago |
Dr. Stephen Henson
|
5e8d95f590
PR: 2103
|
15 years ago |
Dr. Stephen Henson
|
4a7f7171f5
Add missing functions to allow access to newer X509_STORE_CTX status
|
15 years ago |
Dr. Stephen Henson
|
0c2c2e71a6
If not checking all certificates don't attempt to find a CRL
|
15 years ago |
Dr. Stephen Henson
|
d1d746afb4
Need to check <= 0 here.
|
15 years ago |